The Latest F-Secure News
Product and Solution Information, Press Releases, Announcements

The single most common source of breaches analyzed in the report was attackers exploiting vulnerabilities in an organization’s internet facing services, which accounted for about 21 percent of security incidents investigated by F-Secure’s incident responders. But phishing and emails with malicious attachments together accounted for about 34 percent of breaches, which F-Secure Principal Security Consultant Tom Van de Wiele says make attacks arriving via email a much bigger pain point for organizations.

“Our unique combination of advanced technology and artificial intelligence with the best human expertise and nearly thirty years of experience in protecting customers from threats give our security solutions a clear edge,” said F-Secure CEO Samu Konttinen. “We believe that these areas were recognized by Gartner. And, to us, the recognition validates our efforts to continue leveraging our strengths to bring comprehensive endpoint protection, detection and response solutions to even more organizations all over the world.”

The issue affects most, if not all laptops that support Intel Management Engine / Intel AMT. It is unrelated to the recently disclosed Spectre and Meltdown vulnerabilities.

“Initiatives like these are critical to attracting potential cyber security experts to Finland to help maintain the country’s position as a global cyber security leader,” says Stahlberg. “Finland has some of the best homegrown cyber security expertise in the industry, but demand for cyber security is driving competition and we need to invest now if we want to stay ahead.”

The domain name system (DNS) is an internet protocol that translates internet domain names into IP addresses. It’s how people, applications, and devices connect with websites and other internet resources. And manipulating people into visiting malicious URLs with phishing emails, malvertising, and other cyber attacks is a common way for hackers to compromise their victims.

The discovery is the latest in a long list of internet-enabled "things," or smart devices, that are not adequately secured to withstand modern attacks that take place constantly across the internet. Smart cars, CCTV cameras, DVRs, water kettles, and routers are just some of the devices that have been found to be woefully insecure. The problem has been magnified by botnets such as Mirai, which co-opted internet-exposed insecure cameras and DVRs to orchestrate last October's giant internet outage – the largest DDoS attack against the internet infrastructure in history.

F-Secure Chief Research Officer Mikko Hypponen fears that makers of devices for connected homes are repeating "the same mistakes we already fixed 20 years ago" in the PC market. Manufacturers are failing to prioritize security, even as the adoption of internet-connected devices and vulnerabilities in those devices grow exponentially. During his countless talks about security around the world, Mikko often warns that "The Internet of Things is a clear and present danger to the internet" and he tries to make consumers aware of Hypponen's Law, which states: "Whenever an appliance is described as being ‘smart', it's vulnerable."

There was one known ransomware family variant in 2012, according to F-Secure's State of Cyber Security 2017 report. By 2015, there were 35, which exploded to 193 in 2016.

The report notes that the group's infrastructure has links with entities in Russia, Ukraine, and China, but does not offer definitive conclusions about who is behind the group. The report also highlights that while there is evidence suggesting the group has ties with a nation-state, the specifics of that relationship are unclear.